[Fedora-directory-users] netscapeRoot and Config propagation

Rich Megginson rmeggins at redhat.com
Thu Mar 6 21:39:21 UTC 2008 

Ken Marsh wrote:
>
> Thanks everyone for answering on the Groups question. I was so focused 
> People ou in the GUI I didn’t see the Group ou a few menu lines up. J 
> I went into it and rediscovered that I knew how to create posixgroups 
> two years ago. I created a new one succesfully and added users to it. 
> On an LDAP-ified Linux host they can now newgrp to that group.
>
> Now I have two more complicated questions.
>
>    1. Group info does not multi-master replicate like user info does.
>
> Specifically, I would like to manage posixgroups from any MultiMaster 
> server. My new posix group is stuck on just the server I created it on.
>
By default replication should replicate everything - it does not care 
what type of data it is.
>
>    2. Config data does not multi-master replicate like user info does.
>
> It would be nice to administer any server from any server.
>
The console/admin server don't really work that way. You should use 
o=NetscapeRoot replication for failover, not general load balancing. See 
http://www.redhat.com/docs/manuals/dir-server/ag/8.0/Managing_Replication-Replicating-ADS-for-Failover.html
>
> At the moment the only way I know how to do this is on installation. I 
> don’t want to reinstall any DS at this point, though. My understanding 
> is that mmr.pl sets up replication for only userRoot, not NetscapeRoot.
>
> I went through the Admin GUI and under the Configuration tab, 
> Replication->NetscapeRoot I checked “Enable Replica”, checked 
> MultiMaster and set up the Current Supplier DN’s to 
> cn=repman,cn=config just like userRoot.
>
> Now it has a replica entry under Directory Tab->config->mapping tree 
> just like dc=company,dc=com . However the attributes under 
> o=NetscapeRoot do not have the nsslapd-backend and nsslapd-referral 
> attributes. I’m guessing I need something like mmr.pl except for 
> NetscapeRoot to fill in the blanks.
>
> Is there a howto for this, or any tips?
>
> Once again, thanks to the Fedora DS development team for a great 
> product. Despite my noobish questions, it has saved me countless 
> manhours and been very reliable.
>
> Ken Marsh
>
> ANS System Administration Lead
>
> (410) 876-9200
>
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>   


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20080306/b9aea9bd/attachment.bin>

More information about the 389-users mailing list